@xapp/stentor-service-lex flagged credential stealer (npm) — Cremit · NHI Credential Stealer Index